Security News > 2022 > September > Lazarus Group unleashed a MagicRAT to spy on energy providers
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada and Japan, according to Cisco Talos.
The Lazarus Group is perhaps best known for the infamous WannaCry attacks and a ton of cryptocurrency theft.
In research published today, Talos threat researchers say they observed malicious activity attributed to Lazarus Group between February and July.
The third implant is a previously unknown remote access trojan that Talos discovered, named "MagicRAT," and attributed to Lazarus Group.
"This activity aligns with historical Lazarus intrusions targeting critical infrastructure and energy companies to establish long-term access to siphon off proprietary intellectual property."
It's also similar to the Maui ransomware campaign used against US health-care organizations earlier this year that Kaspersky later attributed to Andariel, a North Korean state-sponsored threat with links to the notorious Lazarus Group.